Intelligence Community Solutions
It is hard to imagine a more complex security scenario than managing our Nation’s 16 intelligence agencies’ needs. From individual agency initiatives to White House directives and working groups, the holy grail of a secure, integrated means of securing agency information while allowing other intelligence agencies to share appropriate data has been long sought. Prodentity can overlay DNA™ on existing software, databases, operating systems and physical security mechanisms to seal the cracks and allow for centralized or distributed management of all assets through a secure server that is simple to administer, easy to deploy and cost-effective. Using our combined 30 years of insider knowledge of the intelligence community, we have come up with five sample scenarios DNA™ can manage in a comprehensive manner unrivaled by our competitors.
Securing Against the Insider Threat
The insider threat, both unintentional and malicious, is one of the single largest threats to your enterprise’s security. In order to secure against the insider threat, you must be able to establish trust, separate authentication from authorization, and establish need to know. DNA enables such a scheme, allowing an enterprise to dynamically allocate the need to share. As the “state of the union” changes, DNA allows you to dynamically update individuals’ access to data, disk volumes, networks, services, physical space (e.g. compound, entrance, vault), workstations (fixed or mobile), and physical assets (secured by RFID or other sensors). DNA ensures that each event is auditable, with all audit information secured as objects, preventing modification of audit logs by unauthorized individuals. All modifications themselves are then auditable. DNA allows roles and responsibilities to be separated, such that even the lowest responsible authority has the only administrative rights to a given object(s). With DNA, all of this can respond dynamically to the levels of trust the enterprise associates with different authentication mechanisms, and the context (e.g. location, time, event context (e.g. COOP, threat level)) of an authentication event.
Cross Organizational Boundary Information Sharing
Increasingly, organizations feel the need to share information across organizational boundaries in order to meet the increasing pace of the mission, and to leverage the relevant expertise which often resides within multiple organizations. Cross boundary information sharing faces a variety of challenges that can be best understood from the standpoint of individual user identities and their interaction with multiple organizations’ infrastructures via DNA. In some cases, DNA enables actors from outside your enterprise to access data (via services, database, disk, etc.) residing within your enterprise. In other cases, DNA enables your own staff, while residing outside your enterprise, to access data within your enterprise. DNA makes all such determinations based upon a rich grasp of the context in which the user is operating, including the security domain on which his host resides, the security domain from which he is requesting access, the means of authentication, the date/time of the access, “state of the union”, and whether he has met all previous dependencies, such as a valid access at the front gate or the individual vault. Sharing information across organizational boundaries is so challenging because individual organizations find it difficult to enforce their policies and their sensitivities on users. DNA enables such policy sensitive cross organizational boundary information sharing.
Securing the Cloud
As our computing environments increasingly collapse toward a single network, we will begin realizing the vision of Cloud Computing. In this world, there is a very acute need to be able to dynamically allocate (grant and revoke) privileges for actors/agents (with various credentials operating from different points of entry into the Cloud) to access and perform functions on specific pieces of data, disk volumes, networks, services, physical space (e.g. compound, entrance, vault), workstations (fixed or mobile), and physical assets (secured by RFID or other sensors). All actions across the Cloud must be secured and all events across the Cloud must be auditable, with all audit information secured as objects, preventing modification of audit logs by unauthorized individuals. All modifications must themselves be auditable. As we approach the Cloud, roles and responsibilities must be separable, such that even the lowest responsible authority has the only administrative rights to a given object(s). All of this must respond dynamically to the levels of trust the enterprise associates with different authentication mechanisms, and the context (e.g. location, time, event context (e.g. COOP, threat level)) of an authentication event.
Creating High Assurance Business Processes
There is a need to construct high assurance business processes as functions that can be executed only with the predefined participation of multiple parties as defined in DNA. Within your enterprise, the lifecycle management of an asset must be thought of as a business process that is bound by authentication and authorization at each stage. Such a scheme allows for the trusted participation of multiple parties in complex workflows such as “Reliable Human Review” for the release of information from one security domain to another (typically higher to lower), and the processing of requests for access to data governed by “Restricted Handling” rules. For instance, managers often make business decisions authorizing a stream of activity, but do not have the administrative rights to execute it. With DNA, it is possible to design a business process that the manager can initiate, and in which multiple administrative parties and supervisory parties must participate for the task to be fully executed. Many of the administrative parties who have no “need to know” would be restricted by DNA to only edit (create, update, delete), review (go/no go), or release data based on their rights and privileges.
Identity Aware Tearline Dissemination
The tearlining of classified information is a long tradition in the national security domain which increasingly has relevance in both the civilian and commercial domains. There are two common scenarios for tearline processing that DNA can enable to be dynamic and identity-aware. The first might be called “standard online tearline processing” where users or processes seeking to disseminate a tearlined document first send it to an enterprise process which sends each recipient only the document sections that match the privileges associated with their identity. The second might be called “portable offline tearline access management” where recipients receive a tearline document in its totality, with each section encrypted such that recipients can only decrypt and read sections that match the privileges associated with their identity. In the latter case, as the “state of the union” changes, a user may dynamically be allowed to see more highly classified sections of the document which earlier only allowed him to see less classified sections. This would be contingent upon the tearline document’s client application re-authenticating against the DNA server.
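The online tearline scenario above can be sketched as follows. This is an added illustration, not Prodentity's code or the DNA API: the marking names, the `Section` and `Session` types and the `auth_ceiling` field (how far the current login is trusted) are assumptions made for the example.

```python
from dataclasses import dataclass

# Assumed ordered markings; the page does not name the levels DNA uses.
LEVELS = ("UNCLASSIFIED", "CONFIDENTIAL", "SECRET", "TOP SECRET")

@dataclass(frozen=True)
class Section:
    marking: str
    text: str

@dataclass(frozen=True)
class Session:
    user: str
    clearance: str     # highest level the identity is cleared for
    auth_ceiling: str  # highest level this login method and context are trusted for

def effective_limit(session):
    # The weaker of clearance and authentication trust bounds the release.
    return min(LEVELS.index(session.clearance), LEVELS.index(session.auth_ceiling))

def tearline_view(document, session):
    """Return (released sections, count withheld) for one recipient."""
    limit = effective_limit(session)
    released, withheld = [], 0
    for section in document:
        # Fail closed: a missing or misspelled marking is never released.
        known = section.marking in LEVELS
        if known and LEVELS.index(section.marking) <= limit:
            released.append(section)
        else:
            withheld += 1
    return released, withheld

# Constructed sample document and sessions.
DOCUMENT = [
    Section("UNCLASSIFIED", "Summary of the event."),
    Section("SECRET", "Source reporting."),
    Section("TOP SECRET", "Collection details."),
    Section("SECERT", "Mis-marked paragraph."),
]
WEAK = Session("alice", clearance="SECRET", auth_ceiling="UNCLASSIFIED")
STRONG = Session("alice", clearance="SECRET", auth_ceiling="TOP SECRET")

if __name__ == "__main__":
    for s in (WEAK, STRONG):
        shown, hidden = tearline_view(DOCUMENT, s)
        print(s.auth_ceiling, [x.marking for x in shown], "withheld:", hidden)
```

The same identity sees more sections after re-authenticating with a stronger method, but never above its clearance, and the mis-marked section stays withheld in both cases.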
We will soon have several examples of how our unique technology can be deployed within the enterprise.
- Collaboration between emergency response agencies at the federal, state and local levels can be enhanced due to the information sharing administrative ability built in to our technology that is transparent and seamless to the end user. For example, with our system a single document could contain information relevant to FEMA, state EMS agencies and local first responders, but have certain material that only FEMA staff is allowed to view. Rather than creating several versions, our technology can automatically filter who can see certain elements of the document without burdensome administrative intervention. We can do this because access is based on personal identity, plus organizational location, and combined with a degree of trust based on how personnel have logged into the system.
- Collaboration between agencies and personnel who have varying degrees of security clearances can be enhanced and simplified because of the capabilities described above. For example, using our technology in a secure environment, a “cleared” staffer can view secure and non-secure documents on the same machine. In a non-secure environment, the same staffer can only view non-secure documents.
- Complex group decision-making processes within an agency or across agency and department boundaries are simplified. For example, suppose a group in an agency needs to have a quorum to add a staffer to a secure view list. Our technology can require that 3 of 5 members log on with a high trust level within 15 minutes and vote to successfully add the staffer. Complex criteria for group decision-making can be simply constructed within our technology.
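The 3-of-5 quorum rule in the last item can be checked as below. This is an added example, not Prodentity's implementation: the event tuple layout, the member names and the reading that three distinct members' high-trust approvals must fall inside one 15-minute window are assumptions.

```python
from datetime import datetime, timedelta

GROUP = frozenset({"ana", "ben", "cho", "dev", "eli"})  # constructed 5-member group
QUORUM = 3
WINDOW = timedelta(minutes=15)

def quorum_reached(events, group=GROUP, quorum=QUORUM, window=WINDOW):
    """Return the time the quorum was met, or None.

    events: iterable of (timestamp, member, trust, vote) tuples.
    """
    # Only approvals by group members logged in at high trust count.
    valid = sorted(
        (ts, who) for ts, who, trust, vote in events
        if who in group and trust == "high" and vote == "approve"
    )
    for i, (end, _) in enumerate(valid):
        # Distinct members with a valid approval in the window ending at `end`;
        # a repeated vote by one member still counts once.
        voters = {who for ts, who in valid[: i + 1] if end - ts <= window}
        if len(voters) >= quorum:
            return end
    return None

def at(hhmm):
    # Constructed timestamps on an arbitrary day.
    return datetime(2024, 1, 1, int(hhmm[:2]), int(hhmm[3:]))

# Constructed vote log.
EVENTS = [
    (at("09:00"), "ana", "high", "approve"),
    (at("09:05"), "ben", "low", "approve"),   # ignored: low-trust login
    (at("09:06"), "zed", "high", "approve"),  # ignored: not a group member
    (at("09:10"), "ana", "high", "approve"),  # ana votes again inside the window
    (at("09:12"), "cho", "high", "approve"),
    (at("09:20"), "ben", "high", "approve"),  # ben re-authenticated at high trust
]

if __name__ == "__main__":
    print(quorum_reached(EVENTS))
```

Without ana's 09:10 vote the quorum fails, because her 09:00 approval is more than 15 minutes older than ben's.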
Our enterprise security approach merges solutions into a cohesive fabric because we secure the enterprise, not its components. We continue to work with DHS to find ways DNA™ and our Identity Management Server can help keep our Nation secure.